lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-12-24 17:41:01 +03:00
Code Activity

Rename aead_chacha20_poly1305 to chachapoly

Browse Source 
While the old name is explicit and aligned with the RFC, it's also very long,
so with the mbedtls_ prefix prepended we get a 31-char prefix to each
identifier, which quickly conflicts with our 80-column policy.

The new name is shorter, it's what a lot of people use when speaking about
that construction anyway, and hopefully should not introduce confusion at
it seems unlikely that variants other than 20/1305 be standardised in the
foreseeable future.
This commit is contained in:
Manuel Pégourié-Gonnard
2018-05-07 10:43:27 +02:00
parent 4edd51babe
commit dca3a5d884
21 changed files with 330 additions and 325 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
library/CMakeLists.txt
View File

@@ -3,7 +3,6 @@ option(USE_SHARED_MBEDTLS_LIBRARY "Build mbed TLS shared library." OFF)
option(LINK_WITH_PTHREAD "Explicitly link mbed TLS library to pthread." OFF)
set(src_crypto
aead_chacha20_poly1305.c
aes.c
aesni.c
arc4.c
@@ -15,6 +14,7 @@ set(src_crypto
camellia.c
ccm.c
chacha20.c
chachapoly.c
cipher.c
cipher_wrap.c
cmac.c

5
library/Makefile
View File

@@ -47,11 +47,10 @@ ifdef WINDOWS_BUILD
DLEXT=dll
endif
OBJS_CRYPTO= aead_chacha20_poly1305.o \
aes.o aesni.o arc4.o \
OBJS_CRYPTO= aes.o aesni.o arc4.o \
asn1parse.o asn1write.o base64.o \
bignum.o blowfish.o camellia.o \
ccm.o chacha20.o \
ccm.o chacha20.o chachapoly.o \
cipher.o cipher_wrap.o \
cmac.o ctr_drbg.o des.o \
dhm.o ecdh.o ecdsa.o \

166
library/aead_chacha20_poly1305.c → library/chachapoly.c
View File

@@ -1,5 +1,5 @@
/**
* \file aead_chacha20_poly1305.c
* \file chachapoly.c
*
* \brief ChaCha20-Poly1305 AEAD construction based on RFC 7539.
*
@@ -26,9 +26,9 @@
#include MBEDTLS_CONFIG_FILE
#endif
#if defined(MBEDTLS_AEAD_CHACHA20_POLY1305_C)
#if defined(MBEDTLS_CHACHAPOLY_C)
#include "mbedtls/aead_chacha20_poly1305.h"
#include "mbedtls/chachapoly.h"
#include <string.h>
#if defined(MBEDTLS_SELF_TEST)
@@ -40,12 +40,12 @@
#endif /* MBEDTLS_PLATFORM_C */
#endif /* MBEDTLS_SELF_TEST */
#if !defined(MBEDTLS_AEAD_CHACHA20_POLY1305_ALT)
#if !defined(MBEDTLS_CHACHAPOLY_ALT)
#define AEAD_CHACHA20_POLY1305_STATE_INIT ( 0 )
#define AEAD_CHACHA20_POLY1305_STATE_AAD ( 1 )
#define AEAD_CHACHA20_POLY1305_STATE_CIPHERTEXT ( 2 ) /* Encrypting or decrypting */
#define AEAD_CHACHA20_POLY1305_STATE_FINISHED ( 3 )
#define CHACHAPOLY_STATE_INIT ( 0 )
#define CHACHAPOLY_STATE_AAD ( 1 )
#define CHACHAPOLY_STATE_CIPHERTEXT ( 2 ) /* Encrypting or decrypting */
#define CHACHAPOLY_STATE_FINISHED ( 3 )
/* Implementation that should never be optimized out by the compiler */
static void mbedtls_zeroize( void *v, size_t n ) {
@@ -57,7 +57,7 @@ static void mbedtls_zeroize( void *v, size_t n ) {
*
* \param ctx The ChaCha20-Poly1305 context.
*/
static void mbedtls_aead_chacha20_poly1305_pad_aad( mbedtls_aead_chacha20_poly1305_context *ctx )
static void mbedtls_chachapoly_pad_aad( mbedtls_chachapoly_context *ctx )
{
uint32_t partial_block_len = (uint32_t) ( ctx->aad_len % 16U );
unsigned char zeroes[15];
@@ -76,7 +76,7 @@ static void mbedtls_aead_chacha20_poly1305_pad_aad( mbedtls_aead_chacha20_poly13
*
* \param ctx The ChaCha20-Poly1305 context.
*/
static void mbedtls_aead_chacha20_poly1305_pad_ciphertext( mbedtls_aead_chacha20_poly1305_context *ctx )
static void mbedtls_chachapoly_pad_ciphertext( mbedtls_chachapoly_context *ctx )
{
uint32_t partial_block_len = (uint32_t) ( ctx->ciphertext_len % 16U );
unsigned char zeroes[15];
@@ -90,7 +90,7 @@ static void mbedtls_aead_chacha20_poly1305_pad_ciphertext( mbedtls_aead_chacha20
}
}
void mbedtls_aead_chacha20_poly1305_init( mbedtls_aead_chacha20_poly1305_context *ctx )
void mbedtls_chachapoly_init( mbedtls_chachapoly_context *ctx )
{
if ( ctx != NULL )
{
@@ -98,12 +98,12 @@ void mbedtls_aead_chacha20_poly1305_init( mbedtls_aead_chacha20_poly1305_context
mbedtls_poly1305_init( &ctx->poly1305_ctx );
ctx->aad_len = 0U;
ctx->ciphertext_len = 0U;
ctx->state = AEAD_CHACHA20_POLY1305_STATE_INIT;
ctx->mode = MBEDTLS_AEAD_CHACHA20_POLY1305_ENCRYPT;
ctx->state = CHACHAPOLY_STATE_INIT;
ctx->mode = MBEDTLS_CHACHAPOLY_ENCRYPT;
}
}
void mbedtls_aead_chacha20_poly1305_free( mbedtls_aead_chacha20_poly1305_context *ctx )
void mbedtls_chachapoly_free( mbedtls_chachapoly_context *ctx )
{
if ( ctx != NULL )
{
@@ -111,19 +111,19 @@ void mbedtls_aead_chacha20_poly1305_free( mbedtls_aead_chacha20_poly1305_context
mbedtls_poly1305_free( &ctx->poly1305_ctx );
ctx->aad_len = 0U;
ctx->ciphertext_len = 0U;
ctx->state = AEAD_CHACHA20_POLY1305_STATE_INIT;
ctx->mode = MBEDTLS_AEAD_CHACHA20_POLY1305_ENCRYPT;
ctx->state = CHACHAPOLY_STATE_INIT;
ctx->mode = MBEDTLS_CHACHAPOLY_ENCRYPT;
}
}
int mbedtls_aead_chacha20_poly1305_setkey( mbedtls_aead_chacha20_poly1305_context *ctx,
const unsigned char key[32] )
int mbedtls_chachapoly_setkey( mbedtls_chachapoly_context *ctx,
const unsigned char key[32] )
{
int result;
if ( ( ctx == NULL ) || ( key == NULL ) )
{
return( MBEDTLS_ERR_AEAD_CHACHA20_POLY1305_BAD_INPUT_DATA );
return( MBEDTLS_ERR_CHACHAPOLY_BAD_INPUT_DATA );
}
result = mbedtls_chacha20_setkey( &ctx->chacha20_ctx, key );
@@ -131,16 +131,16 @@ int mbedtls_aead_chacha20_poly1305_setkey( mbedtls_aead_chacha20_poly1305_contex
return( result );
}
int mbedtls_aead_chacha20_poly1305_starts( mbedtls_aead_chacha20_poly1305_context *ctx,
const unsigned char nonce[12],
mbedtls_aead_chacha20_poly1305_mode_t mode )
int mbedtls_chachapoly_starts( mbedtls_chachapoly_context *ctx,
const unsigned char nonce[12],
mbedtls_chachapoly_mode_t mode )
{
int result;
unsigned char poly1305_key[64];
if ( ( ctx == NULL ) || ( nonce == NULL ) )
{
return( MBEDTLS_ERR_AEAD_CHACHA20_POLY1305_BAD_INPUT_DATA );
return( MBEDTLS_ERR_CHACHAPOLY_BAD_INPUT_DATA );
}
result = mbedtls_chacha20_starts( &ctx->chacha20_ctx, nonce, 1U );
@@ -161,7 +161,7 @@ int mbedtls_aead_chacha20_poly1305_starts( mbedtls_aead_chacha20_poly1305_contex
{
ctx->aad_len = 0U;
ctx->ciphertext_len = 0U;
ctx->state = AEAD_CHACHA20_POLY1305_STATE_AAD;
ctx->state = CHACHAPOLY_STATE_AAD;
ctx->mode = mode;
}
@@ -170,22 +170,22 @@ cleanup:
return( result );
}
int mbedtls_aead_chacha20_poly1305_update_aad( mbedtls_aead_chacha20_poly1305_context *ctx,
size_t aad_len,
const unsigned char *aad )
int mbedtls_chachapoly_update_aad( mbedtls_chachapoly_context *ctx,
size_t aad_len,
const unsigned char *aad )
{
if ( ctx == NULL )
{
return( MBEDTLS_ERR_AEAD_CHACHA20_POLY1305_BAD_INPUT_DATA );
return( MBEDTLS_ERR_CHACHAPOLY_BAD_INPUT_DATA );
}
else if ( ( aad_len > 0U ) && ( aad == NULL ) )
{
/* aad pointer is allowed to be NULL if aad_len == 0 */
return( MBEDTLS_ERR_AEAD_CHACHA20_POLY1305_BAD_INPUT_DATA );
return( MBEDTLS_ERR_CHACHAPOLY_BAD_INPUT_DATA );
}
else if ( ctx->state != AEAD_CHACHA20_POLY1305_STATE_AAD )
else if ( ctx->state != CHACHAPOLY_STATE_AAD )
{
return(MBEDTLS_ERR_AEAD_CHACHA20_POLY1305_BAD_STATE );
return(MBEDTLS_ERR_CHACHAPOLY_BAD_STATE );
}
ctx->aad_len += aad_len;
@@ -193,36 +193,36 @@ int mbedtls_aead_chacha20_poly1305_update_aad( mbedtls_aead_chacha20_poly1305_co
return( mbedtls_poly1305_update( &ctx->poly1305_ctx, aad_len, aad ) );
}
int mbedtls_aead_chacha20_poly1305_update( mbedtls_aead_chacha20_poly1305_context *ctx,
size_t len,
const unsigned char *input,
unsigned char *output )
int mbedtls_chachapoly_update( mbedtls_chachapoly_context *ctx,
size_t len,
const unsigned char *input,
unsigned char *output )
{
if ( ( ctx == NULL ) || ( input == NULL ) || ( output == NULL ) )
{
return( MBEDTLS_ERR_AEAD_CHACHA20_POLY1305_BAD_INPUT_DATA );
return( MBEDTLS_ERR_CHACHAPOLY_BAD_INPUT_DATA );
}
else if ( ( len > 0U ) && ( ( input == NULL ) || ( output == NULL ) ) )
{
/* input and output pointers are allowed to be NULL if len == 0 */
return( MBEDTLS_ERR_AEAD_CHACHA20_POLY1305_BAD_INPUT_DATA );
return( MBEDTLS_ERR_CHACHAPOLY_BAD_INPUT_DATA );
}
else if ( ( ctx->state != AEAD_CHACHA20_POLY1305_STATE_AAD ) &&
( ctx->state != AEAD_CHACHA20_POLY1305_STATE_CIPHERTEXT ) )
else if ( ( ctx->state != CHACHAPOLY_STATE_AAD ) &&
( ctx->state != CHACHAPOLY_STATE_CIPHERTEXT ) )
{
return( MBEDTLS_ERR_AEAD_CHACHA20_POLY1305_BAD_STATE );
return( MBEDTLS_ERR_CHACHAPOLY_BAD_STATE );
}
if ( ctx->state == AEAD_CHACHA20_POLY1305_STATE_AAD )
if ( ctx->state == CHACHAPOLY_STATE_AAD )
{
ctx->state = AEAD_CHACHA20_POLY1305_STATE_CIPHERTEXT;
ctx->state = CHACHAPOLY_STATE_CIPHERTEXT;
mbedtls_aead_chacha20_poly1305_pad_aad( ctx );
mbedtls_chachapoly_pad_aad( ctx );
}
ctx->ciphertext_len += len;
if ( ctx->mode == MBEDTLS_AEAD_CHACHA20_POLY1305_ENCRYPT )
if ( ctx->mode == MBEDTLS_CHACHAPOLY_ENCRYPT )
{
/* Note: the following functions return an error only if one or more of
* the input pointers are NULL. Since we have checked their validity
@@ -240,30 +240,30 @@ int mbedtls_aead_chacha20_poly1305_update( mbedtls_aead_chacha20_poly1305_contex
return( 0 );
}
int mbedtls_aead_chacha20_poly1305_finish( mbedtls_aead_chacha20_poly1305_context *ctx,
unsigned char mac[16] )
int mbedtls_chachapoly_finish( mbedtls_chachapoly_context *ctx,
unsigned char mac[16] )
{
unsigned char len_block[16];
if ( ( ctx == NULL ) || ( mac == NULL ) )
{
return( MBEDTLS_ERR_AEAD_CHACHA20_POLY1305_BAD_INPUT_DATA );
return( MBEDTLS_ERR_CHACHAPOLY_BAD_INPUT_DATA );
}
else if ( ctx->state == AEAD_CHACHA20_POLY1305_STATE_INIT )
else if ( ctx->state == CHACHAPOLY_STATE_INIT )
{
return( MBEDTLS_ERR_AEAD_CHACHA20_POLY1305_BAD_STATE );
return( MBEDTLS_ERR_CHACHAPOLY_BAD_STATE );
}
if ( ctx->state == AEAD_CHACHA20_POLY1305_STATE_AAD )
if ( ctx->state == CHACHAPOLY_STATE_AAD )
{
mbedtls_aead_chacha20_poly1305_pad_aad( ctx );
mbedtls_chachapoly_pad_aad( ctx );
}
else if ( ctx->state == AEAD_CHACHA20_POLY1305_STATE_CIPHERTEXT )
else if ( ctx->state == CHACHAPOLY_STATE_CIPHERTEXT )
{
mbedtls_aead_chacha20_poly1305_pad_ciphertext( ctx );
mbedtls_chachapoly_pad_ciphertext( ctx );
}
ctx->state = AEAD_CHACHA20_POLY1305_STATE_FINISHED;
ctx->state = CHACHAPOLY_STATE_FINISHED;
/* The lengths of the AAD and ciphertext are processed by
* Poly1305 as the final 128-bit block, encoded as little-endian integers.
@@ -291,45 +291,45 @@ int mbedtls_aead_chacha20_poly1305_finish( mbedtls_aead_chacha20_poly1305_contex
return( 0 );
}
int mbedtls_aead_chacha20_poly1305_crypt_and_mac ( const unsigned char key[32],
const unsigned char nonce[12],
mbedtls_aead_chacha20_poly1305_mode_t mode,
size_t aad_len,
const unsigned char *aad,
size_t ilen,
const unsigned char *input,
unsigned char *output,
unsigned char mac[16] )
int mbedtls_chachapoly_crypt_and_mac ( const unsigned char key[32],
const unsigned char nonce[12],
mbedtls_chachapoly_mode_t mode,
size_t aad_len,
const unsigned char *aad,
size_t ilen,
const unsigned char *input,
unsigned char *output,
unsigned char mac[16] )
{
mbedtls_aead_chacha20_poly1305_context ctx;
mbedtls_chachapoly_context ctx;
int result;
mbedtls_aead_chacha20_poly1305_init( &ctx );
mbedtls_chachapoly_init( &ctx );
result = mbedtls_aead_chacha20_poly1305_setkey( &ctx, key );
result = mbedtls_chachapoly_setkey( &ctx, key );
if ( result != 0 )
goto cleanup;
result = mbedtls_aead_chacha20_poly1305_starts( &ctx, nonce, mode );
result = mbedtls_chachapoly_starts( &ctx, nonce, mode );
if ( result != 0 )
goto cleanup;
result = mbedtls_aead_chacha20_poly1305_update_aad( &ctx, aad_len, aad );
result = mbedtls_chachapoly_update_aad( &ctx, aad_len, aad );
if ( result != 0 )
goto cleanup;
result = mbedtls_aead_chacha20_poly1305_update( &ctx, ilen, input, output );
result = mbedtls_chachapoly_update( &ctx, ilen, input, output );
if ( result != 0 )
goto cleanup;
result = mbedtls_aead_chacha20_poly1305_finish( &ctx, mac );
result = mbedtls_chachapoly_finish( &ctx, mac );
cleanup:
mbedtls_aead_chacha20_poly1305_free( &ctx );
mbedtls_chachapoly_free( &ctx );
return( result );
}
#endif /* MBEDTLS_AEAD_CHACHA20_POLY1305_ALT */
#endif /* MBEDTLS_CHACHAPOLY_ALT */
#if defined(MBEDTLS_SELF_TEST)
@@ -419,7 +419,7 @@ static const unsigned char test_mac[1][16] =
}
};
int mbedtls_aead_chacha20_poly1305_self_test( int verbose )
int mbedtls_chachapoly_self_test( int verbose )
{
unsigned i;
int result;
@@ -433,15 +433,15 @@ int mbedtls_aead_chacha20_poly1305_self_test( int verbose )
mbedtls_printf( " ChaCha20-Poly1305 test %u ", i );
}
result = mbedtls_aead_chacha20_poly1305_crypt_and_mac( test_key[i],
test_nonce[i],
MBEDTLS_AEAD_CHACHA20_POLY1305_ENCRYPT,
test_aad_len[i],
test_aad[i],
test_input_len[i],
test_input[i],
output,
mac );
result = mbedtls_chachapoly_crypt_and_mac( test_key[i],
test_nonce[i],
MBEDTLS_CHACHAPOLY_ENCRYPT,
test_aad_len[i],
test_aad[i],
test_input_len[i],
test_input[i],
output,
mac );
if ( result != 0 )
{
if ( verbose != 0 )
@@ -485,4 +485,4 @@ int mbedtls_aead_chacha20_poly1305_self_test( int verbose )
#endif /* MBEDTLS_SELF_TEST */
#endif /* MBEDTLS_AEAD_CHACHA20_POLY1305_C */
#endif /* MBEDTLS_CHACHAPOLY_C */

70
library/cipher.c
View File

@@ -38,8 +38,8 @@
#include <stdlib.h>
#include <string.h>
#if defined(MBEDTLS_AEAD_CHACHA20_POLY1305_C)
#include "mbedtls/aead_chacha20_poly1305.h"
#if defined(MBEDTLS_CHACHAPOLY_C)
#include "mbedtls/chachapoly.h"
#endif
#if defined(MBEDTLS_GCM_C)
@@ -70,7 +70,7 @@
#endif
#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_AEAD_CHACHA20_POLY1305_C)
#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
/* Compare the contents of two buffers in constant time.
* Returns 0 if the contents are bitwise identical, otherwise returns
* a non-zero value.
@@ -88,7 +88,7 @@ static int mbedtls_constant_time_memcmp( const void *v1, const void *v2, size_t
return (int)diff;
}
#endif /* MBEDTLS_GCM_C || MBEDTLS_AEAD_CHACHA20_POLY1305_C */
#endif /* MBEDTLS_GCM_C || MBEDTLS_CHACHAPOLY_C */
static int supported_init = 0;
@@ -288,7 +288,7 @@ int mbedtls_cipher_reset( mbedtls_cipher_context_t *ctx )
return( 0 );
}
#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_AEAD_CHACHA20_POLY1305_C)
#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
int mbedtls_cipher_update_ad( mbedtls_cipher_context_t *ctx,
const unsigned char *ad, size_t ad_len )
{
@@ -303,30 +303,30 @@ int mbedtls_cipher_update_ad( mbedtls_cipher_context_t *ctx,
}
#endif
#if defined(MBEDTLS_AEAD_CHACHA20_POLY1305_C)
#if defined(MBEDTLS_CHACHAPOLY_C)
if (MBEDTLS_CIPHER_CHACHA20_POLY1305 == ctx->cipher_info->type )
{
int result;
mbedtls_aead_chacha20_poly1305_mode_t mode;
mbedtls_chachapoly_mode_t mode;
mode = ( ctx->operation == MBEDTLS_ENCRYPT )
? MBEDTLS_AEAD_CHACHA20_POLY1305_ENCRYPT
: MBEDTLS_AEAD_CHACHA20_POLY1305_DECRYPT;
? MBEDTLS_CHACHAPOLY_ENCRYPT
: MBEDTLS_CHACHAPOLY_DECRYPT;
result = mbedtls_aead_chacha20_poly1305_starts( (mbedtls_aead_chacha20_poly1305_context*) ctx->cipher_ctx,
result = mbedtls_chachapoly_starts( (mbedtls_chachapoly_context*) ctx->cipher_ctx,
ctx->iv,
mode );
if ( result != 0 )
return( result );
return mbedtls_aead_chacha20_poly1305_update_aad( (mbedtls_aead_chacha20_poly1305_context*) ctx->cipher_ctx,
return mbedtls_chachapoly_update_aad( (mbedtls_chachapoly_context*) ctx->cipher_ctx,
ad_len, ad );
}
#endif
return( 0 );
}
#endif /* MBEDTLS_GCM_C || MBEDTLS_AEAD_CHACHA20_POLY1305_C */
#endif /* MBEDTLS_GCM_C || MBEDTLS_CHACHAPOLY_C */
int mbedtls_cipher_update( mbedtls_cipher_context_t *ctx, const unsigned char *input,
size_t ilen, unsigned char *output, size_t *olen )
@@ -394,11 +394,11 @@ int mbedtls_cipher_update( mbedtls_cipher_context_t *ctx, const unsigned char *i
return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
}
#if defined(MBEDTLS_AEAD_CHACHA20_POLY1305_C)
#if defined(MBEDTLS_CHACHAPOLY_C)
if ( ctx->cipher_info->type == MBEDTLS_CIPHER_CHACHA20_POLY1305 )
{
*olen = ilen;
return mbedtls_aead_chacha20_poly1305_update( (mbedtls_aead_chacha20_poly1305_context*) ctx->cipher_ctx,
return mbedtls_chachapoly_update( (mbedtls_chachapoly_context*) ctx->cipher_ctx,
ilen, input, output );
}
#endif
@@ -852,7 +852,7 @@ int mbedtls_cipher_set_padding_mode( mbedtls_cipher_context_t *ctx, mbedtls_ciph
}
#endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */
#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_AEAD_CHACHA20_POLY1305_C)
#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
int mbedtls_cipher_write_tag( mbedtls_cipher_context_t *ctx,
unsigned char *tag, size_t tag_len )
{
@@ -867,14 +867,14 @@ int mbedtls_cipher_write_tag( mbedtls_cipher_context_t *ctx,
return mbedtls_gcm_finish( (mbedtls_gcm_context *) ctx->cipher_ctx, tag, tag_len );
#endif
#if defined(MBEDTLS_AEAD_CHACHA20_POLY1305_C)
#if defined(MBEDTLS_CHACHAPOLY_C)
if ( MBEDTLS_CIPHER_CHACHA20_POLY1305 == ctx->cipher_info->type )
{
/* Don't allow truncated MAC for Poly1305 */
if ( tag_len != 16U )
return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
return mbedtls_aead_chacha20_poly1305_finish( (mbedtls_aead_chacha20_poly1305_context*) ctx->cipher_ctx,
return mbedtls_chachapoly_finish( (mbedtls_chachapoly_context*) ctx->cipher_ctx,
tag );
}
#endif
@@ -914,14 +914,14 @@ int mbedtls_cipher_check_tag( mbedtls_cipher_context_t *ctx,
}
#endif /* MBEDTLS_GCM_C */
#if defined(MBEDTLS_AEAD_CHACHA20_POLY1305_C)
#if defined(MBEDTLS_CHACHAPOLY_C)
if ( MBEDTLS_CIPHER_CHACHA20_POLY1305 == ctx->cipher_info->type )
{
/* Don't allow truncated MAC for Poly1305 */
if ( tag_len != sizeof( check_tag ) )
return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
ret = mbedtls_aead_chacha20_poly1305_finish( (mbedtls_aead_chacha20_poly1305_context*) ctx->cipher_ctx,
ret = mbedtls_chachapoly_finish( (mbedtls_chachapoly_context*) ctx->cipher_ctx,
check_tag );
if ( ret != 0 )
{
@@ -934,11 +934,11 @@ int mbedtls_cipher_check_tag( mbedtls_cipher_context_t *ctx,
return( 0 );
}
#endif /* MBEDTLS_AEAD_CHACHA20_POLY1305_C */
#endif /* MBEDTLS_CHACHAPOLY_C */
return( 0 );
}
#endif /* MBEDTLS_GCM_C || MBEDTLS_AEAD_CHACHA20_POLY1305_C */
#endif /* MBEDTLS_GCM_C || MBEDTLS_CHACHAPOLY_C */
/*
* Packet-oriented wrapper for non-AEAD modes
@@ -997,7 +997,7 @@ int mbedtls_cipher_auth_encrypt( mbedtls_cipher_context_t *ctx,
tag, tag_len ) );
}
#endif /* MBEDTLS_CCM_C */
#if defined(MBEDTLS_AEAD_CHACHA20_POLY1305_C)
#if defined(MBEDTLS_CHACHAPOLY_C)
if ( MBEDTLS_CIPHER_CHACHA20_POLY1305 == ctx->cipher_info->type )
{
int ret;
@@ -1010,26 +1010,26 @@ int mbedtls_cipher_auth_encrypt( mbedtls_cipher_context_t *ctx,
*olen = ilen;
ret = mbedtls_aead_chacha20_poly1305_starts( (mbedtls_aead_chacha20_poly1305_context*) ctx->cipher_ctx,
iv, MBEDTLS_AEAD_CHACHA20_POLY1305_ENCRYPT );
ret = mbedtls_chachapoly_starts( (mbedtls_chachapoly_context*) ctx->cipher_ctx,
iv, MBEDTLS_CHACHAPOLY_ENCRYPT );
if ( ret != 0 )
return( ret );
ret = mbedtls_aead_chacha20_poly1305_update_aad( (mbedtls_aead_chacha20_poly1305_context*) ctx->cipher_ctx,
ret = mbedtls_chachapoly_update_aad( (mbedtls_chachapoly_context*) ctx->cipher_ctx,
ad_len, ad );
if ( ret != 0 )
return( ret );
ret = mbedtls_aead_chacha20_poly1305_update( (mbedtls_aead_chacha20_poly1305_context*) ctx->cipher_ctx,
ret = mbedtls_chachapoly_update( (mbedtls_chachapoly_context*) ctx->cipher_ctx,
ilen, input, output );
if ( ret != 0 )
return( ret );
ret = mbedtls_aead_chacha20_poly1305_finish( (mbedtls_aead_chacha20_poly1305_context*) ctx->cipher_ctx,
ret = mbedtls_chachapoly_finish( (mbedtls_chachapoly_context*) ctx->cipher_ctx,
tag );
return( ret );
}
#endif /* MBEDTLS_AEAD_CHACHA20_POLY1305_C */
#endif /* MBEDTLS_CHACHAPOLY_C */
return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
}
@@ -1076,7 +1076,7 @@ int mbedtls_cipher_auth_decrypt( mbedtls_cipher_context_t *ctx,
return( ret );
}
#endif /* MBEDTLS_CCM_C */
#if defined(MBEDTLS_AEAD_CHACHA20_POLY1305_C)
#if defined(MBEDTLS_CHACHAPOLY_C)
if ( MBEDTLS_CIPHER_CHACHA20_POLY1305 == ctx->cipher_info->type )
{
unsigned char check_tag[16];
@@ -1090,22 +1090,22 @@ int mbedtls_cipher_auth_decrypt( mbedtls_cipher_context_t *ctx,
*olen = ilen;
ret = mbedtls_aead_chacha20_poly1305_starts( (mbedtls_aead_chacha20_poly1305_context*) ctx->cipher_ctx,
iv, MBEDTLS_AEAD_CHACHA20_POLY1305_DECRYPT );
ret = mbedtls_chachapoly_starts( (mbedtls_chachapoly_context*) ctx->cipher_ctx,
iv, MBEDTLS_CHACHAPOLY_DECRYPT );
if ( ret != 0 )
return( ret );
ret = mbedtls_aead_chacha20_poly1305_update_aad( (mbedtls_aead_chacha20_poly1305_context*) ctx->cipher_ctx,
ret = mbedtls_chachapoly_update_aad( (mbedtls_chachapoly_context*) ctx->cipher_ctx,
ad_len, ad );
if ( ret != 0 )
return( ret );
ret = mbedtls_aead_chacha20_poly1305_update( (mbedtls_aead_chacha20_poly1305_context*) ctx->cipher_ctx,
ret = mbedtls_chachapoly_update( (mbedtls_chachapoly_context*) ctx->cipher_ctx,
ilen, input, output );
if ( ret != 0 )
return( ret );
ret = mbedtls_aead_chacha20_poly1305_finish( (mbedtls_aead_chacha20_poly1305_context*) ctx->cipher_ctx,
ret = mbedtls_chachapoly_finish( (mbedtls_chachapoly_context*) ctx->cipher_ctx,
check_tag );
if ( ret != 0 )
return( ret );
@@ -1116,7 +1116,7 @@ int mbedtls_cipher_auth_decrypt( mbedtls_cipher_context_t *ctx,
return( 0 );
}
#endif /* MBEDTLS_AEAD_CHACHA20_POLY1305_C */
#endif /* MBEDTLS_CHACHAPOLY_C */
return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
}

45
library/cipher_wrap.c
View File

@@ -33,8 +33,8 @@
#include "mbedtls/cipher_internal.h"
#if defined(MBEDTLS_AEAD_CHACHA20_POLY1305_C)
#include "mbedtls/aead_chacha20_poly1305.h"
#if defined(MBEDTLS_CHACHAPOLY_C)
#include "mbedtls/chachapoly.h"
#endif
#if defined(MBEDTLS_AES_C)
@@ -1356,40 +1356,41 @@ static const mbedtls_cipher_info_t chacha20_info = {
};
#endif /* MBEDTLS_CHACHA20_C */
#if defined(MBEDTLS_AEAD_CHACHA20_POLY1305_C)
#if defined(MBEDTLS_CHACHAPOLY_C)
static int aead_chacha20_poly1305_setkey_wrap( void *ctx, const unsigned char *key,
unsigned int key_bitlen )
static int chachapoly_setkey_wrap( void *ctx,
const unsigned char *key,
unsigned int key_bitlen )
{
if( key_bitlen != 256U )
return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
if ( 0 != mbedtls_aead_chacha20_poly1305_setkey( (mbedtls_aead_chacha20_poly1305_context*)ctx, key ) )
if ( 0 != mbedtls_chachapoly_setkey( (mbedtls_chachapoly_context*)ctx, key ) )
return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
return( 0 );
}
static void * aead_chacha20_poly1305_ctx_alloc( void )
static void * chachapoly_ctx_alloc( void )
{
mbedtls_aead_chacha20_poly1305_context *ctx;
ctx = mbedtls_calloc( 1, sizeof( mbedtls_aead_chacha20_poly1305_context ) );
mbedtls_chachapoly_context *ctx;
ctx = mbedtls_calloc( 1, sizeof( mbedtls_chachapoly_context ) );
if( ctx == NULL )
return( NULL );
mbedtls_aead_chacha20_poly1305_init( ctx );
mbedtls_chachapoly_init( ctx );
return( ctx );
}
static void aead_chacha20_poly1305_ctx_free( void *ctx )
static void chachapoly_ctx_free( void *ctx )
{
mbedtls_aead_chacha20_poly1305_free( (mbedtls_aead_chacha20_poly1305_context *) ctx );
mbedtls_chachapoly_free( (mbedtls_chachapoly_context *) ctx );
mbedtls_free( ctx );
}
static const mbedtls_cipher_base_t aead_chacha20_poly1305_base_info = {
static const mbedtls_cipher_base_t chachapoly_base_info = {
MBEDTLS_CIPHER_ID_CHACHA20,
NULL,
#if defined(MBEDTLS_CIPHER_MODE_CBC)
@@ -1404,12 +1405,12 @@ static const mbedtls_cipher_base_t aead_chacha20_poly1305_base_info = {
#if defined(MBEDTLS_CIPHER_MODE_STREAM)
NULL,
#endif
aead_chacha20_poly1305_setkey_wrap,
aead_chacha20_poly1305_setkey_wrap,
aead_chacha20_poly1305_ctx_alloc,
aead_chacha20_poly1305_ctx_free
chachapoly_setkey_wrap,
chachapoly_setkey_wrap,
chachapoly_ctx_alloc,
chachapoly_ctx_free
};
static const mbedtls_cipher_info_t aead_chacha20_poly1305_info = {
static const mbedtls_cipher_info_t chachapoly_info = {
MBEDTLS_CIPHER_CHACHA20_POLY1305,
MBEDTLS_MODE_NONE,
256,
@@ -1417,9 +1418,9 @@ static const mbedtls_cipher_info_t aead_chacha20_poly1305_info = {
12,
0,
64,
&aead_chacha20_poly1305_base_info
&chachapoly_base_info
};
#endif /* MBEDTLS_AEAD_CHACHA20_POLY1305_C */
#endif /* MBEDTLS_CHACHAPOLY_C */
#if defined(MBEDTLS_CIPHER_NULL_CIPHER)
static int null_crypt_stream( void *ctx, size_t length,
@@ -1580,8 +1581,8 @@ const mbedtls_cipher_definition_t mbedtls_cipher_definitions[] =
{ MBEDTLS_CIPHER_CHACHA20, &chacha20_info },
#endif
#if defined(MBEDTLS_AEAD_CHACHA20_POLY1305_C)
{ MBEDTLS_CIPHER_CHACHA20_POLY1305, &aead_chacha20_poly1305_info },
#if defined(MBEDTLS_CHACHAPOLY_C)
{ MBEDTLS_CIPHER_CHACHA20_POLY1305, &chachapoly_info },
#endif
#if defined(MBEDTLS_CIPHER_NULL_CIPHER)

22
library/error.c
View File

@@ -41,10 +41,6 @@
#include <stdio.h>
#if defined(MBEDTLS_AEAD_CHACHA20_POLY1305_C)
#include "mbedtls/aead_chacha20_poly1305.h"
#endif
#if defined(MBEDTLS_AES_C)
#include "mbedtls/aes.h"
#endif
@@ -77,6 +73,10 @@
#include "mbedtls/chacha20.h"
#endif
#if defined(MBEDTLS_CHACHAPOLY_C)
#include "mbedtls/chachapoly.h"
#endif
#if defined(MBEDTLS_CIPHER_C)
#include "mbedtls/cipher.h"
#endif
@@ -579,13 +579,6 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen )
// Low level error codes
//
// BEGIN generated code
#if defined(MBEDTLS_AEAD_CHACHA20_POLY1305_C)
if( use_ret == -(MBEDTLS_ERR_AEAD_CHACHA20_POLY1305_BAD_INPUT_DATA) )
mbedtls_snprintf( buf, buflen, "AEAD_CHACHA20_POLY1305 - Invalid input parameter(s)" );
if( use_ret == -(MBEDTLS_ERR_AEAD_CHACHA20_POLY1305_BAD_STATE) )
mbedtls_snprintf( buf, buflen, "AEAD_CHACHA20_POLY1305 - The requested operation is not permitted in the current state" );
#endif /* MBEDTLS_AEAD_CHACHA20_POLY1305_C */
#if defined(MBEDTLS_AES_C)
if( use_ret == -(MBEDTLS_ERR_AES_INVALID_KEY_LENGTH) )
mbedtls_snprintf( buf, buflen, "AES - Invalid key length" );
@@ -677,6 +670,13 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen )
mbedtls_snprintf( buf, buflen, "CHACHA20 - Invalid input parameter(s)" );
#endif /* MBEDTLS_CHACHA20_C */
#if defined(MBEDTLS_CHACHAPOLY_C)
if( use_ret == -(MBEDTLS_ERR_CHACHAPOLY_BAD_INPUT_DATA) )
mbedtls_snprintf( buf, buflen, "CHACHAPOLY - Invalid input parameter(s)" );
if( use_ret == -(MBEDTLS_ERR_CHACHAPOLY_BAD_STATE) )
mbedtls_snprintf( buf, buflen, "CHACHAPOLY - The requested operation is not permitted in the current state" );
#endif /* MBEDTLS_CHACHAPOLY_C */
#if defined(MBEDTLS_CMAC_C)
if( use_ret == -(MBEDTLS_ERR_CMAC_HW_ACCEL_FAILED) )
mbedtls_snprintf( buf, buflen, "CMAC - CMAC hardware accelerator failed" );

12
library/version_features.c
View File

@@ -84,9 +84,9 @@ static const char *features[] = {
#if defined(MBEDTLS_TIMING_ALT)
"MBEDTLS_TIMING_ALT",
#endif /* MBEDTLS_TIMING_ALT */
#if defined(MBEDTLS_AEAD_CHACHA20_POLY1305_ALT)
"MBEDTLS_AEAD_CHACHA20_POLY1305_ALT",
#endif /* MBEDTLS_AEAD_CHACHA20_POLY1305_ALT */
#if defined(MBEDTLS_CHACHAPOLY_ALT)
"MBEDTLS_CHACHAPOLY_ALT",
#endif /* MBEDTLS_CHACHAPOLY_ALT */
#if defined(MBEDTLS_AES_ALT)
"MBEDTLS_AES_ALT",
#endif /* MBEDTLS_AES_ALT */
@@ -519,9 +519,9 @@ static const char *features[] = {
#if defined(MBEDTLS_AES_C)
"MBEDTLS_AES_C",
#endif /* MBEDTLS_AES_C */
#if defined(MBEDTLS_AEAD_CHACHA20_POLY1305_C)
"MBEDTLS_AEAD_CHACHA20_POLY1305_C",
#endif /* MBEDTLS_AEAD_CHACHA20_POLY1305_C */
#if defined(MBEDTLS_CHACHAPOLY_C)
"MBEDTLS_CHACHAPOLY_C",
#endif /* MBEDTLS_CHACHAPOLY_C */
#if defined(MBEDTLS_ARC4_C)
"MBEDTLS_ARC4_C",
#endif /* MBEDTLS_ARC4_C */